蓝鲸社区单机版安装部署手册-ITB运维部落—http://www.itbcn.cn—ITB运维技术交流之家平台
记录工作点滴
分享运维知识

蓝鲸社区单机版安装部署手册

官方网址:http://bk.tencent.com/

目前社区单机版最低配置:4核心 12G 内存 50G 硬盘

复制代码
[[email protected] ~]# df -h
Filesystem               Size  Used Avail Use% Mounted on
/dev/mapper/centos-root   88G  5.2G   83G   6% /
devtmpfs                 5.9G     0  5.9G   0% /dev
tmpfs                    5.9G     0  5.9G   0% /dev/shm
tmpfs                    5.9G   13M  5.9G   1% /run
tmpfs                    5.9G     0  5.9G   0% /sys/fs/cgroup
/dev/sda1                473M  150M  323M  32% /boot
tmpfs                    1.2G  4.0K  1.2G   1% /run/user/42
tmpfs                    1.2G   60K  1.2G   1% /run/user/0
/dev/sr0                 4.2G  4.2G     0 100% /run/media/root/CentOS 7 x86_64
[[email protected] ~]# free -m
              total        used        free      shared  buff/cache   available
Mem:          11998         941       10164          15         892       10719
Swap:         12287           0       12287
[[email protected] ~]# cat /proc/cpuinfo| grep "processor"| wc -l
4
复制代码

我这是个人笔记本安装

但是I7-6700HQ这款CPU其实是单核4核心外加4线程

所以wmware里最大只能选择如下

 

Centos7 安装就不啰嗦了,sercuriy policy 可以不用设置 kdump也可以关了

Centos7关闭防火墙、开机禁用防火墙

[[email protected] ~]# systemctl stop firewalld.service
[[email protected] ~]# systemctl disable firewalld.service
Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.

Centos7关闭NetworkManager服务,并设置开机禁用

[[email protected] ~]# service NetworkManager stop
Redirecting to /bin/systemctl stop NetworkManager.service
[[email protected] ~]# systemctl disable NetworkManager.service
Removed symlink /etc/systemd/system/multi-user.target.wants/NetworkManager.service.
Removed symlink /etc/systemd/system/dbus-org.freedesktop.NetworkManager.service.
Removed symlink /etc/systemd/system/dbus-org.freedesktop.nm-dispatcher.service.

关闭SELinux   修改配置文件(需要重启)

vi /etc/selinux/config 

SELINUX=enforcing 改为SELINUX=disabled

[[email protected] ~]# getenforce
Enforcing

修改系统ulimit值

修改之前需要重启下ssd服务

[[email protected] etc]# systemctl restart sshd.service
[[email protected] ~]# ulimit -n
1024
[[email protected] ~]# echo ulimit -n 204800 >> /etc/profile
[[email protected] etc]# source /etc/profile
[[email protected] etc]# ulimit -n
204800

为其他用户修改当前交互终端的limit值

复制代码
[[email protected] etc]# vi /etc/security/limits.conf

# End of file

soft nofile 204800
hard nofile 204800
hive – nofile 1024000
hive – nproc 1024000

复制代码

经过以上修改,在有些系统中,用一般用户再登陆,仍然没有修改过来,那么需要检查是否有如下文件,如果没有,则要添加如下内容:

  [[email protected] etc]# vi /etc/pam.d/sshd

session required /lib/security/pam_limits.so

[[email protected] etc]# systemctl restart sshd.service

仍然不行,那么需要修改如下文件:

 

vim /etc/ssh/sshd_config
UsePrivilegeSeparation no

 

检查系统的umask值

[[email protected] etc]# umask
0022

root用户 0022
一般用户 0002

umask修改只是临时,可以通过修改/etc/profile 或者 /etc/bashrc 添加 umask xxx 来修改

两个文件不同之处在于/etc/profile只对新创建的用户生效,而/etc/bashrc对所有用户都生效

安装并检查rsync

 

对于负荷较重的 rsync 服务器应该使用独立运行方式

[[email protected] ~]# yum install rsync xinetd
[[email protected] ~]# /usr/bin/rsync --daemon

对于负荷较轻的rsync服务器可以使用xinetd运行方式

[[email protected] xinetd.d]# yum install rsync xinetd
[[email protected] xinetd.d]#/etc/init.d/xinetd start
[[email protected] xinetd.d]#netstat -ntpl | grep 873 --查看服务是否启动

客户端(部署单机版不需要客户端)

[[email protected] xinetd.d]#yum -y install rsync

配置DNS用于解析公网YUM源

[[email protected] xinetd.d]# vi /etc/resolv.conf
# Generated by NetworkManager
nameserver 202.102.224.68
nameserver 202.102.227.68
nameserver 8.8.8.8/114.114.114.114

配置公网yum源头

[[email protected] xinetd.d]# wget /etc/yum.repos.d/CentOS-Base.repo http://mirrors.aliyun.com/repo/Centos-7.repo
wget /etc/yum.repos.d/epel.repo http://mirrors.aliyun.com/repo/epel-7.repo
[[email protected] xinetd.d]# yum clean all
[[email protected] xinetd.d]# yum repolist
[[email protected] xinetd.d]# yum makecache

腾讯云EPEL

EPEL (Extra Packages for Enterprise Linux) 是由 Fedora Special Interest Group 为企业 Linux 创建、维护和管理的一个高质量附加包集合适用于
但不仅限于 Red Hat Enterprise Linux (RHEL), CentOS, Scientific Linux (SL), Oracle Linux (OL)

# epel(RHEL5系列)
wget -O /etc/yum.repos.d/epel.repo http://mirrors.cloud.tencent.com/repo/epel-5.repo
# epel(RHEL6系列)
wget -O /etc/yum.repos.d/epel.repo http://mirrors.cloud.tencent.com/repo/epel-6.repo
# epel(RHEL7系列)
wget -O /etc/yum.repos.d/epel.repo http://mirrors.cloud.tencent.com/repo/epel-7.repo

上传蓝鲸包并解压

复制代码
[[email protected] data]# ls -l
total 1397608
-rw-r--r--.  1 root root 599243450 Dec 12 18:39 bkce_common-1.0.0.tgz
-rw-r--r--.  1 root root 811181199 Dec 12 18:38 bkce_product-4.1.16.tgz
drwxr-xr-x. 13 root root      4096 Oct 12 16:50 install
-rw-r--r--.  1 root root  20714827 Dec 12 18:40 install_ce-master-1.4.13.tgz
drwxr-xr-x. 14 root root       242 Oct 15 19:10 src
复制代码

获取本机mac地址

获取机器的MAC地址后,下载证书文件: http://bk.tencent.com/download/#ssl, 解压到 src/cert 目录下

[[email protected] data]# tar xf ssl_certificates.tar.gz -C /data/src/cert

修改管理员密码

[[email protected] data]# vim /data/install/globals.env
export PAAS_ADMIN_PASS='password'

启动安装脚本前的检查

复制代码
[[email protected] install]# ./precheck.sh 
<<check_ssh_nopass>> has been checked successfully... SKIP
<<check_password>> has been checked successfully... SKIP
<<check_cert_mac>> has been checked successfully... SKIP
<<check_selinux>> has been checked successfully... SKIP
<<check_umask>> has been checked successfully... SKIP
<<check_get_lan_ip>> has been checked successfully... SKIP
<<check_rabbitmq_version>> has been checked successfully... SKIP
<<check_http_proxy>> has been checked successfully... SKIP
start <<check_open_files_limit>> ... [OK]
start <<check_domain>> ... [OK]
start <<check_rsync>> ... [OK]
start <<check_networkmanager>> ... [OK]
start <<check_firewalld>> ... [OK]
复制代码

安装开始

复制代码
[email protected] install]# ./install_minibk 
[192.168.30.109]20181217-140612 37   install.config exists. backup it to install.config.20181217_140612
‘install.config’ -> ‘install.config.20181217_140612’
<<check_ssh_nopass>> has been checked successfully... SKIP
<<check_password>> has been checked successfully... SKIP
<<check_cert_mac>> has been checked successfully... SKIP
<<check_selinux>> has been checked successfully... SKIP
<<check_umask>> has been checked successfully... SKIP
<<check_get_lan_ip>> has been checked successfully... SKIP
<<check_rabbitmq_version>> has been checked successfully... SKIP
<<check_http_proxy>> has been checked successfully... SKIP
<<check_open_files_limit>> has been checked successfully... SKIP
<<check_domain>> has been checked successfully... SKIP
<<check_rsync>> has been checked successfully... SKIP
<<check_networkmanager>> has been checked successfully... SKIP
<<check_firewalld>> has been checked successfully... SKIP
where do you want to install blueking products.
enter a absolute path [/data/bkce]: 
[192.168.30.109]20181217-140616 212   >> rsync -a /data/src/service/py27 /opt/
Loaded plugins: fastestmirror, langpacks
Repository os is listed more than once in the configuration
Repository updates is listed more than once in the configuration
Repository centosplus is listed more than once in the configuration
Repository cloud is listed more than once in the configuration
Repository cr is listed more than once in the configuration
Repository extras is listed more than once in the configuration
Repository fasttrack is listed more than once in the configuration
Repository cr is listed more than once in the configuration
Repository fasttrack is listed more than once in the configuration
Loading mirror speeds from cached hostfile
Package autoconf-2.69-11.el7.noarch already installed and latest version
Resolving Dependencies
--> Running transaction check
---> Package gcc.x86_64 0:4.8.5-28.el7 will be updated
--> Processing Dependency: gcc = 4.8.5-28.el7 for package: libitm-devel-4.8.5-28.el7.x86_64
---> Package gcc.x86_64 0:4.8.5-36.el7 will be an update
--> Processing Dependency: libgomp = 4.8.5-36.el7 for package: gcc-4.8.5-36.el7.x86_64
--> Processing Dependency: cpp = 4.8.5-36.el7 for package: gcc-4.8.5-36.el7.x86_64
--> Processing Dependency: libgcc >= 4.8.5-36.el7 for package: gcc-4.8.5-36.el7.x86_64
--> Running transaction check
。。。
。。。
。。。
复制代码

提示

复制代码
------------------------- agreements ---------------------------------
    Dear users, welcome to use the Tencent BlueKing Software. Please
access http://bk.tencent.com/info/#laws to read the Tencent BlueKing
Software License and Service Agreement carefully. You have no right to
install or use the Software and related services unless you have read
and accepted all the terms of this Agreement. By downloading, install-
ing, using or logging in the Software, you shall be deemed to have
read and agreed to be bound by the Agreement above. If you have under-
stood the above content, please enter "yes" to continue installation,
otherwise, please enter "no" to abort. Thank you for your understan-
ding and support of the Tencent BlueKing Software. 
----------------------------------------------------------------------
yes/no ? yes

 

未经允许不得转载:ITB运维部落—http://www.itbcn.cn—ITB运维技术交流之家平台 » 蓝鲸社区单机版安装部署手册

如果文章对你有帮助,欢迎点击上方按钮打赏作者

评论 抢沙发

  • 昵称 (必填)
  • 邮箱 (必填)
  • 网址